Lancashire Times
Weekend Edition
Jamie Durham
IT Correspondent
8:07 AM 5th October 2020

Staying Cyber Secure In Lockdown 2.0

Earlier this month, British universities and colleges faced grim warnings from the National Cyber Security Centre (NCSC) – part of GCHQ – around a steep increase in the number of ransomware attacks on the UK’s education sector.

As organisations prepared for students to return to the classroom, cyber criminals used the flurry of activity to target the sector while it was at its most hectic. And, with the UK having been told – once again – to move to homeworking, companies must adopt heightened awareness when it comes to online danger.

But as the country enters another phase of the unknown, there are a number of ‘tells’ when it comes to potential infiltration by the dark web – with some more easy to spot than others. Here are three ways to keep yourself secure online.

No phishing

No matter the amount of malware you invest in, most breaches occur due to human error – usually as a result of misplaced trust. That’s why phishing attacks are one of the most prevalent tactics when it comes to cyber crooks gaining unauthorised access to your devices.

And, without stating the obvious, it’s important to pay close attention to ‘who’ lands in your inbox. Hackers are employing social engineering and psychological techniques – such as impersonating a colleague, supplier or customer – in order to infiltrate your data.

While the sender name can seem legit, it could be a hacker masquerading as someone you trust. Therefore, if your suspicions are raised, check the email format – often it’s as slight a difference as vs., so be alert.

Usually, such emails will also contain attachments to open or links for you to click on. And it’s important to be wary of embedded URLs which at first glance appear authentic, but when you hover your cursor over the call to action, the preview address is somewhat different.

Mobile matters too

It isn’t just your email account that’s susceptible to interception either, as mobile phones are increasingly becoming the target of ‘vishing’ attacks. With such a large proportion of the UK’s workforce currently operating from a home office, it’s important to ensure all employees’ hardware is secure.

Whether it’s a company mobile or a personal handset that’s being temporarily used as a business phone, vishing can take the form of automated calls pretending to be anyone from your bank to your phone contract provider.

Sharing personal information on public social media channels – e.g. “Why does O2 take so long to answer my calls?” – or detailing a company structure on your website, including the contact details of your accounts team, can be all the information a hacker needs to begin their attack.

That’s why, if there’s ever an inbound call that requires personal data, it’s important to seek out confirmation from the supplier themselves by initiating contact with them yourself, to ensure the legitimacy of the conversation.

Keep on top of updates

It might sound obvious, but don’t click ‘remind me later’ every time a security window appears – particularly in the case of computers, laptops, routers, mobile phones, apps printers and servers. Instead, set a reminder to run an update before logging off for the evening, or allow the program to do its job while you take a break for lunch.

That pesky pop-up might feel like an unnecessary annoyance, it will play its part in ensuring any vulnerabilities in your systems are patched up – and will make the application more secure. Delaying the repairs will only extend the opportunity for an attack and will increase the chances of a breach.

Share the news

While your IT provider will update you on the latest phishing tactics, it’s important that your internal communication team ensures the message is passed on to staff. Encourage and reward your colleagues to alert everyone to a potential threat – as this could mean the difference between a hacker being successful or not.

Unfortunately, in these technology-led times, a cyberattack or data breach can have a devastating impact on company reputation and brand image – so it’s important to do everything in your power to stay alert and prevent one from slipping through the net.